version: '2.3'
|
|
|
|
services:
|
|
|
|
traefik:
|
|
image: traefik:2.4
|
|
container_name: traefik
|
|
restart: always
|
|
command:
|
|
- "--accesslog.filepath=/var/log/access.log"
|
|
- "--log.level=WARNING"
|
|
- "--providers.docker=true"
|
|
- "--providers.docker.exposedbydefault=false"
|
|
- "--entrypoints.web.address=:80"
|
|
- "--entrypoints.websecure.address=:443"
|
|
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
|
|
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
|
|
- "--certificatesresolvers.myresolver.acme.httpchallenge=true"
|
|
- "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
|
|
- "--certificatesresolvers.myresolver.acme.storage=/acme.json"
|
|
ports:
|
|
- 80:80
|
|
- 443:443
|
|
networks:
|
|
- proxy
|
|
volumes:
|
|
# - /opt/docker/overlays/traefik/var/log:/var/log/
|
|
- /opt/docker/overlays/traefik/acme.json:/acme.json
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
|
|
nextcloud-db:
|
|
image: mariadb
|
|
container_name: nextcloud-db
|
|
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
|
|
restart: always
|
|
volumes:
|
|
- /opt/docker/overlays/nextcloud-db/mysql:/var/lib/mysql
|
|
environment:
|
|
- MYSQL_ROOT_PASSWORD=AAAAAAAAAAAAAAAAAAAAAAAMYSQLROOT
|
|
- MYSQL_PASSWORD=AAAAAAAAAAAAAAAAAAAAAAAAAAAAMYSQL
|
|
- MYSQL_DATABASE=nextcloud
|
|
- MYSQL_USER=nextcloud
|
|
networks:
|
|
- nextcloud
|
|
- sncf-db
|
|
ports:
|
|
- "127.0.0.1:3306:3306"
|
|
|
|
redis:
|
|
image: redis:alpine
|
|
container_name: nextcloud-redis
|
|
restart: always
|
|
command: redis-server --requirepass AAAAAAAAAAAAAAAAAAAAAAAAAAAAREDIS
|
|
networks:
|
|
- nextcloud
|
|
|
|
|
|
nextcloud:
|
|
image: nextcloud:e95023790cc36274053af7930831a9aecbf32efd
|
|
build: https://github.com/nextcloud/docker.git#e95023790cc36274053af7930831a9aecbf32efd:20.0/fpm-alpine
|
|
container_name: nextcloud
|
|
restart: always
|
|
volumes:
|
|
# - /opt/docker/overlays/nextcloud/var/log:/var/log
|
|
- /opt/docker/overlays/nextcloud/html:/var/www/html
|
|
- /opt/docker/overlays/nextcloud/data:/var/www/data
|
|
- /opt/docker/overlays/nextcloud/skeleton:/var/www/skeleton
|
|
environment:
|
|
- MYSQL_HOST=nextcloud-db
|
|
- REDIS_HOST=redis
|
|
- REDIS_HOST_PASSWORD=AAAAAAAAAAAAAAAAAAAAAAAAAAAAREDIS
|
|
- MYSQL_PASSWORD=AAAAAAAAAAAAAAAAAAAAAAAAAAAAMYSQL
|
|
- MYSQL_DATABASE=nextcloud
|
|
- MYSQL_USER=nextcloud
|
|
depends_on:
|
|
- nextcloud-db
|
|
- redis
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
networks:
|
|
- nextcloud
|
|
- nextcloud-web
|
|
|
|
nextcloud-web:
|
|
build: ../build/nextcloud-web
|
|
container_name: nextcloud-web
|
|
restart: always
|
|
volumes:
|
|
# - /opt/docker/overlays/nextcloud-web/var/log:/var/log
|
|
- /opt/docker/overlays/nextcloud/html:/var/www/html:ro
|
|
- /opt/docker/overlays/nextcloud/data:/var/www/data:ro
|
|
- /opt/docker/overlays/nextcloud/skeleton:/var/www/skeleton:ro
|
|
labels:
|
|
- traefik.docker.network=proxy
|
|
- traefik.enable=true
|
|
- traefik.protocol=http
|
|
- traefik.port=80
|
|
- traefik.http.routers.nextlcoud.tls=true
|
|
- traefik.http.routers.nextcloud.entrypoints=websecure
|
|
- traefik.http.routers.nextcloud.tls.certresolver=myresolver
|
|
- traefik.http.routers.nextcloud.rule=Host(`oleola.ddns.net`)
|
|
- traefik.http.middlewares.nextcloud.headers.customRequestHeaders.X-Forwarded-Proto=https
|
|
- traefik.http.routers.nextcloud.middlewares=nextcloud,nextcloud_redirect, next-auth
|
|
# - traefik.http.middlewares.next-auth.basicauth.users=<output>
|
|
- traefik.http.middlewares.nextcloud.headers.stsSeconds=155520011
|
|
- traefik.http.middlewares.nextcloud.headers.stsIncludeSubdomains=true
|
|
- traefik.http.middlewares.nextcloud.headers.stsPreload=true
|
|
- traefik.http.middlewares.nextcloud_redirect.redirectregex.regex=/.well-known/(card|cal)dav
|
|
- traefik.http.middlewares.nextcloud_redirect.redirectregex.replacement=/remote.php/dav/
|
|
depends_on:
|
|
- nextcloud
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
networks:
|
|
- nextcloud
|
|
- proxy
|
|
- nextcloud-web
|
|
# logging:
|
|
# driver: syslog
|
|
|
|
cron:
|
|
image: nextcloud:stable-fpm-alpine
|
|
restart: always
|
|
container_name: nextcloud-cron
|
|
volumes:
|
|
- /opt/docker/overlays/nextcloud/html:/var/www/html
|
|
- /opt/docker/overlays/nextcloud/data:/var/www/data
|
|
- /opt/docker/overlays/nextcloud/skeleton:/var/www/skeleton
|
|
entrypoint: /cron.sh
|
|
depends_on:
|
|
- nextcloud-db
|
|
- redis
|
|
networks:
|
|
- nextcloud
|
|
- proxy
|
|
|
|
# deb-rust-sncf:
|
|
# build: ../build/deb-rust-sncf
|
|
# container_name: deb-rust-sncf
|
|
# restart: always
|
|
# volumes:
|
|
## - /opt/docker/overlays/deb-rust-sncf/var/log:/var/log
|
|
# - /opt/docker/overlays/nextcloud/html:/var/www/html
|
|
# - /opt/docker/overlays/nextcloud/data:/var/www/data
|
|
# - /opt/docker/overlays/nextcloud/skeleton:/var/www/skeleton
|
|
# labels:
|
|
# - "traefik.docker.network=proxy"
|
|
# - "traefik.enable=true"
|
|
# - "traefik.protocol=http"
|
|
# - "traefik.port=8000"
|
|
# - "traefik.http.routers.deb-rust-sncf.entrypoints=websecure"
|
|
# - "traefik.http.routers.deb-rust-sncf.tls.certresolver=myresolver"
|
|
# - "traefik.http.routers.deb-rust-sncf.rule=Host(`example.org`)"
|
|
# - "traefik.http.services.deb-rust-sncf.loadbalancer.server.port=8000"
|
|
# - "traefik.http.routers.deb-rust-sncf.middlewares=sncf, sncf-auth"
|
|
# - "traefik.http.middlewares.sncf-auth.basicauth.users=<output>
|
|
# - "traefik.http.middlewares.sncf.headers.customRequestHeaders.X-Forwarded-Proto=https"
|
|
# - "traefik.http.middlewares.sncf.headers.stsSeconds=155520011"
|
|
# - "traefik.http.middlewares.sncf.headers.stsIncludeSubdomains=true"
|
|
# - "traefik.http.middlewares.sncf.headers.stsPreload=true"
|
|
# - "traefik.http.middlewares.sncf-ratelimit.ratelimit.average=200"
|
|
# environment:
|
|
# - RUST_BACKTRACE=full
|
|
# depends_on:
|
|
# - nextcloud
|
|
# networks:
|
|
# - sncf-db
|
|
# - sncf-nc
|
|
# - proxy
|
|
|
|
networks:
|
|
proxy:
|
|
external: true
|
|
nextcloud:
|
|
external: false
|
|
driver: bridge
|
|
nextcloud-web:
|
|
external: false
|
|
driver: bridge
|
|
sncf-nc:
|
|
external: false
|
|
driver: bridge
|
|
sncf-db:
|
|
external: false
|
|
driver: bridge
|